2 * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
4 * This is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This software is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
21 * vncauth.c - Functions for VNC password management and authentication.
24 #ifdef __STRICT_ANSI__
28 #ifdef LIBVNCSERVER_HAVE_SYS_TYPES_H
29 #include <sys/types.h>
34 #include <rfb/rfbproto.h>
40 #ifdef LIBVNCSERVER_HAVE_SYS_STAT_H
54 /* libvncclient does not need this */
55 #ifndef rfbEncryptBytes
58 * We use a fixed key to store passwords, since we assume that our local
59 * file system is secure but nonetheless don't want to store passwords
/* Key used by rfbEncryptAndStorePasswd and rfbDecryptPasswdFromFile below.
 * NOTE(review): the key is a compile-time constant that is visible in the
 * source, so DES under it only obscures the stored password.  Anyone who can
 * read the password file can recover the password with the decrypt routine
 * in this file, so the stored password is protected by the file's
 * permissions, not by this key. */
63 static unsigned char fixedkey[8] = {23,82,107,6,35,78,88,7};
67 * Encrypt a password and store it in a file. Returns 0 if successful,
68 * 1 if the file could not be written.
/* Writes an 8-byte record to fname: the first 8 bytes of passwd, padded with
 * zero bytes, DES-encrypted in place under fixedkey (EN0).  Returns 1 when
 * fopen fails.  Several lines of this function are absent from the listing
 * (declarations, the else branch, the close and the final return), so check
 * the notes below against the complete file. */
72 rfbEncryptAndStorePasswd(char *passwd, char *fname)
76 unsigned char encryptedPasswd[8];
78 if ((fp = fopen(fname,"w")) == NULL) return 1;
80 /* windows security sux */
/* NOTE(review): the file is opened first and only then restricted to owner
 * read/write, and the fchmod result is discarded.  If fchmod fails, the
 * record is still written with whatever mode fopen left on the file.
 * Consider checking the return value and refusing to write on failure. */
82 fchmod(fileno(fp), S_IRUSR|S_IWUSR);
85 /* pad password with nulls */
/* NOTE(review): only passwd[0..7] are copied, so any characters after the
 * eighth are silently ignored and the effective password length is capped
 * at 8 bytes.  strlen(passwd) is re-evaluated on every iteration, and passwd
 * is assumed to be a non-NULL, NUL-terminated string; no check is visible. */
87 for (i = 0; i < 8; i++) {
88 if (i < strlen(passwd)) {
89 encryptedPasswd[i] = passwd[i];
91 encryptedPasswd[i] = 0;
95 /* Do encryption in-place - this way we overwrite our copy of the plaintext
98 rfbDesKey(fixedkey, EN0);
99 rfbDes(encryptedPasswd, encryptedPasswd);
101 for (i = 0; i < 8; i++) {
102 putc(encryptedPasswd[i], fp);
111 * Decrypt a password from a file. Returns a pointer to a newly allocated
112 * string containing the password or a null pointer if the password could
113 * not be retrieved for some reason.
/* Opens fname, fills a malloc'ed 9-byte buffer, decrypts its first 8 bytes in
 * place under fixedkey (DE1) and returns the buffer as a char pointer.  The
 * caller owns the returned allocation.  The body of the read loop and a few
 * other lines are absent from this listing. */
117 rfbDecryptPasswdFromFile(char *fname)
121 unsigned char *passwd = (unsigned char *)malloc(9);
/* NOTE(review): passwd is allocated before this check, and the early return
 * does not free it, so every failed open leaks the 9-byte buffer.  Call
 * free(passwd) before returning NULL here.  No check of the malloc result is
 * visible either; return NULL when the allocation fails, before the buffer
 * is written. */
123 if ((fp = fopen(fname,"r")) == NULL) return NULL;
/* Loop body not shown in this listing.  Presumably it reads one byte per
 * iteration into passwd[i]; confirm that every error exit inside it closes
 * fp and frees passwd. */
125 for (i = 0; i < 8; i++) {
136 rfbDesKey(fixedkey, DE1);
137 rfbDes(passwd, passwd);
/* NOTE(review): the returned buffer holds the plaintext password.  Callers
 * should overwrite it before freeing it.  The write of the terminator into
 * passwd[8] is not among the visible lines; confirm that it is present. */
141 return (char *)passwd;
146 * Generate CHALLENGESIZE random bytes for use in challenge-response
/* Fills bytes[0..CHALLENGESIZE-1] with the low 8 bits of successive random()
 * results.  The generator is seeded once, on the first call, and that is
 * tracked by a function-local static flag.
 * NOTE(review): the header comment says these bytes are the challenge for
 * challenge-response authentication.  random() is not a cryptographic
 * generator, and its seed is built from the current time and the process id,
 * both of which an observer can estimate.  The challenges may therefore be
 * predictable or may repeat, which weakens the freshness that
 * challenge-response relies on.  Prefer the operating system's CSPRNG
 * (for example getrandom(2) or /dev/urandom) and fail closed if it is
 * unavailable. */
151 rfbRandomBytes(unsigned char *bytes)
/* NOTE(review): this is a plain static with no synchronisation visible here;
 * confirm whether concurrent first calls are possible. */
154 static rfbBool s_srandom_called = FALSE;
156 if (!s_srandom_called) {
157 srandom((unsigned int)time(NULL) ^ (unsigned int)getpid());
158 s_srandom_called = TRUE;
/* The caller must supply at least CHALLENGESIZE writable bytes; no length
 * parameter exists to check this. */
161 for (i = 0; i < CHALLENGESIZE; i++) {
162 bytes[i] = (unsigned char)(random() & 255);
169 * Encrypt CHALLENGESIZE bytes in memory using a password.
173 rfbEncryptBytes(unsigned char *bytes, char *passwd)
175 unsigned char key[8];
178 /* key is simply password padded with nulls */
180 for (i = 0; i < 8; i++) {
181 if (i < strlen(passwd)) {
190 for (i = 0; i < CHALLENGESIZE; i += 8) {
191 rfbDes(bytes+i, bytes+i);